General

  • Target

    8256436d8c0184c0566d594aab21931714c71217fbd20b4f53b1c4a58daaedd0

  • Size

    180KB

  • Sample

    211021-f1e64shgh5

  • MD5

    aba5b0df02c421887cd5899a1e3ee976

  • SHA1

    f126397b4e63a9dc647172ee71c737d4271e0522

  • SHA256

    8256436d8c0184c0566d594aab21931714c71217fbd20b4f53b1c4a58daaedd0

  • SHA512

    650e5ba28d642a225f605659538a203c694b09bb00f60c68a5b5d9b2db8ba09a25c780edb1da994e994c49baf6e67200fd63b991592a9da62e63cc99300645bc

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

155.138.203.91:443

207.180.220.242:8116

46.101.142.214:6891

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Matrix

Tasks